This method has been proposed by Drs. Paul Carpenter and Chris Chute of Mayo Clinic. It is based on an individual's immutable personal properties. Both Dr. Carpenter and Dr. Chute believe that in addition to characteristics such as uniqueness, verifiability, reliability and administrative ease, the Unique Patient Identifier (UPI) should be based on immutable personal properties rather than those which may be changed by political or personal whim (i.e. last name, town, state, country etc.). Their model consists of three universal immutable values plus a check digit. The three values are 1) a seven-digit date of birth field, 2) a six-digit place of birth code, 3) a five-digit sequence code (to identify the individual born on the same date in the same geographic area) and 4) a single-check digit. The place of birth code identifies world grid coordinates using 360 degrees for longitude and 180 degrees for latitude. Each increment of a degree represent approximately 70 square miles. Local organizations can administer the Unique Patient Identifier and forward it to an international registry such as World Health Organization.
For emergency situations a temporary UPI with the prefix "T" is recommended. This model also recommends the adoption of a base 34-character representation of the UPI for personal memory and ease of use and entry into electronic medical record of the future. Although the proposal does not address the Central Issuing Authority, it indicates the need for a central registry at an organization such as WHO to compare and link records.
Just like other proposals, the Unique Patient Identifier based on Personal Immutable Properties is also at a conceptual stage. Therefore, the method needs to progress from the conceptual stage to specification, design, development, testing and large scale deployment in order to meet the requirements of the healthcare industry.
Accessible: Local organizations can handle the issue of Unique Patient Identifier.
Assignable: Requires local issuing authority to assign the Unique Patient Identifier and forward it to an international authority such as WHO. The required specifications, design, development, testing and deployment are yet to be organized, and the establishment of a local and international authority and their functions are yet to be planned.
Identifiable: Requires the local registry organization to collect demographic data.
Verifiable: Check-digit verification is included in the proposal.
Mergeable: Requires central registry to compare information supplied by the local registry and perform the necessary linkages
Splittable: Requires central registry to compare information supplied by the local registry and take the necessary steps
Linkable: The Personal Immutable Properties-based Unique Patient Identifier can be used to link patient records from multiple sources.
Mappable: Bidirectional linkage is possible between the Personal Immutable Properties-based Unique Patient Identifier and the existing identifiers.
Content Free: The Identifier is created from personal immutable properties and therefore, is not content-free.
Controllable: The Personal Immutable Properties-based Unique Patient Identifier can be encrypted. However, encryption is not included in the proposal.
Healthcare Focused: The proposal is made for healthcare purpose.
Secure: Encryption is not addressed in the proposal. The Personal Immutable Properties-based Unique Patient Identifier can be encrypted and security can be administered by the local issuing authority.
Disidentifiable: Encryption is not included in the proposal. The Personal Immutable Properties-based Unique Patient Identifier can be encrypted in multiple ways.
Public: Public disclosure of the Unique Patient Identifier without risk to privacy and confidentiality of patient information is not discussed in the proposal. The Personal Immutable Properties-based Unique Patient Identifier contains personal information about the individual. Therefore, it is not a public information.
Based on Industry Standards: Not based on industry standard.
Deployable: Does not indicate any barriers.
Usable: The model recommends the adoption of a base 34-character representation of the UPI for personal memory and ease of use and entry into electronic medical record of the future. The 19-character length and the mathematics involved will present difficulty for manual calculation and use.
Unique: The three immutable personal properties namely date birth, place of birth and the sequential identifier assure the uniqueness of the identifier.
Repository-based: The patient ID is made up of the patient's personal properties information. The use of other demographic identification information is not discussed in the proposal. However, there is no inherent barriers to maintaining a repository.
Atomic: This model consists of a series of three universal immutable values plus a check digit. It can be considered a single compound data element.
Concise: This model consists of a 19 character length identifier which will be difficult for manual use.
Unambiguous: The identifier uses numeric characters only and does not present ambiguity.
Permanent: The identifier is intended as a permanent identifier.
Centrally governed: The proposal recommends local organizations to issue identifiers and function as local registries and report to the central organization such as WHO.
Networked: This identifier can be operated on network.
Longevity: The method is capable of functioning for a foreseeable future.
Retroactive: Unique Patient Identifiers can be assigned to existing individuals retroactively. However, the sequence code for individuals born on the same date may not be in the intended sequence while retrospectively assigning their ID.
Universal: This method can support identification of every living person for a foreseeable future.
Incremental Implementation: The proposal does not address the implementation approach. This method can be implemented incrementally.
Cost-effectiveness: This is subject to specification, design, development, testing and deployment that are yet to be organized.
Currently operational: The Unique Patient Identifier based on Personal Immutable Properties is not currently operational.
Existing infrastructure: Administrative and technical infrastructures are not ready yet.
Readiness of the required technology: The necessary technology and check-digit methodologies are ready and available for use.
Timeliness: The proposal does not address the implementation approach. The set-up of administrative and technology infrastructures (Central Trusted Authority, software, hardware, communication network, etc.), and the development of implementation methodology, policies and procedures, etc. must be completed before the nation-wide implementation. The implementation of an entirely new system will require substantial amount of time.
Adequacy of information to support identification functions: The identification data base and its contents have not been addressed. The Unique Patient Identifier based on Personal Immutable Properties still remains only as a concept.
The focus of the Unique Patient Identifier based on Personal Immutable Properties is mainly on the Identifier Component. The model consists of 1) a seven-digit date of birth field, 2) a six-digit place of birth code, 3) a five-digit sequence code (to identify the individual born on the same date in the same geographic area) and 4) a single digit check-digit. For easy representation the method recommends the use of a 34 base number. The 19 character ID length and the mathematics involved will be difficult for manual calculation and use.
The method will require the use of a patient's identifying data elements such as name, date of birth, sex, etc. But it does not address the content or structure of the data base that will contain such data elements.
The proposal indicates that both local and central registries will exist. It does not address its content or the use of an index such as a Master Patient Index.
Does not use encryption
Does not have an existing technology infrastructure and is not addressed in the proposal
Does not have an existing administrative infrastructure. The proposal indicates that both local and central registries will exist, but it does not include a proposal for the administrative infrastructure.
Compliance with the basic functions criteria depends on the identifier's compliance with operational characteristics and the identifier components requirements. The Unique Patient Identifier based on Personal Immutable Properties mainly addresses the identifier component and does not meet several of the operational characteristics. Its ability to meet the basic functions of the Unique Patient Identifier will depend on the inclusion of the remaining five components and the required operational characteristics. It will be unable to meet the basic functions discussed below without them.
Delivery of care functions: The Personal Immutable Properties based Unique Patient Identifier's capability to support the positive identification of an individual during the course of active treatment will depend on its ability to address both the implementation of the remaining identifier components and all of the operational requirements.
Administrative functions: The identifier's capability to support the identification for administrative functions required by practitioners, provider organizations, insurers, HMOs, federal health plan agencies, etc. will depend on its ability to address both the implementation of the remaining identifier components and all of the operational requirements.
Coordination of multi-disciplinary care processes: The identifier's capability to Support multi-disciplinary functions and coordination of care processes including, ordering of procedures, medications and tests, communication of results and consultations will depend on its ability to address both the implementation of the remaining identifier components and the operational requirements.
Organization of patient information and medical record keeping: The identifier's capability to support the manual medical record keeping and the automated collection, storage and retrieval of information will depend on its ability to address both the implementation of the remaining identifier components and the operational requirements.
Manual and automated linkage of lifelong health records: The identifier's capability to identify, organize and link information and records across multiple episodes of cares and multiple sites of care will depend on its ability to address both the implementation of the remaining identifier components and all of the operational requirements. The length of the identifier will not be conducive to manual use.
Aggregation of health information for analysis and research: The identifier's ability to support the aggregation of health information on the basis of groups of patients, regions, diseases, treatments, outcomes, etc. for research, planning and preventive measures will depend on its ability to address both the implementation of the remaining identifier components and the operational requirements.
Access Security: The Access Security and the authentication procedures needed to access the patient care information are not addressed.
Content-free Identifier: The Unique Patient Identifier based on Personal Immutable Properties is based on personal immutable properties.
Mask/Hide/Encrypt/Protect/Disidentify: Does not include encryption protection
The method has the potential to support the functions of a Unique Patient Identifier. However, it will depend upon the implementation of the remaining Unique Patient Identifier components and the capability to address all of the operational requirements. The establishment of both the administrative and technology infrastructures, the design and development of computer software, hardware and communication networks, and the implementation of security measures, etc. will require substantial investment of resource, time and effort.
VIII. Potential Barriers & Challenges to Overcoming the Barriers
Biometric identification consists of patients' personal physical characteristics such as finger print, retina scan, iris scan, voice and DNA analysis. Some of the concerns relating to this option are organ transplant, amputation and diseases affecting organs (such as retinopathy). Biometric identification has been used by government agencies such as law enforcement and immigration. The photo included in an individual's driver's licence or employee ID, thumb print in legal documents, etc. are examples of Biometric Identification. Video-graphed, photographed or scanned image will be used for identification. It can be stored in digitized format in computers and ID Cards. Both for the issue and verification, the individual must be present. The process requires special purpose equipment such as scanner, video camera, computer and card readers with the necessary matching algorithms.
1. Biometric Identification has been in use for a long period of time in various fields such as law enforcement, department of transportation, etc.
Accessible: For accessibility, this method requires the establishment of a local issuing mechanism for the identifier and a central administration to handle its nationwide scope.
Assignable: In addition to the establishment of a local issuing mechanism and a central administration, the physical presence and cooperation of patients, the necessary tools and equipment such as scanner, video, etc. must all be present and functional.
Identifiable: The physical characteristics used in the Unique Patient Identifier based on Biometrics can be matched with the physical characteristics of the individual it identifies. However, additional information such as name, date of birth, etc. must also used in the identification data base.
Verifiable: Verification of the identifier will depend on the computer algorithm and equipment used
Mergeable: Duplicate IDs can be merged via cross-referencing
Splittable: Same ID issued to more than one individual can be handled by issuing new IDs to both or one of the individual.
Linkable: The Unique Patient Identifier based on Biometrics can be used to link patient records from multiple sources.
Mappable: Bidirectional linkage is possible between the Unique Patient Identifier based on Biometrics and the existing Identifiers.
Content Free: Biometric Identifier is based on the personal information of the individual.
Controllable: It is possible to encrypt the Unique Patient Identifier based on Biometrics. However, this capability is subject to the appropriate specifications, design and development that are yet to be organized.
Healthcare Focused: Biometric Identifiers are used in other industries too.
Secure: It is possible to use encryption and the local issuing entity or a central administration can handle the security of the encryption scheme.
Disidentifiable: It is possible to encrypt the Unique Patient Identifier based on Biometrics.
Public: Biometric Identifier consists of personal information, therefore, not meant to be public.
Based on Industry Standards: There is no national standard for the issue, maintenance and use of Biometric Identifiers.
Deployable: The necessary technology and processes to issue, maintain and use the Biometric Identifiers are available but, considered expensive, time consuming and cumbersome.
Usable: Other than an individual's photograph, the Biometric Identifier is not conducive to manual processing.
The creation, maintenance and use of Biometric Identifiers such as photo, thumb print, DNA analysis, retina scan, etc. will require special equipment, processes and procedures. They will be required both at the issuing and the verification points. In addition, adequate communication and computer capabilities will be required by all users of the ID. Therefore, a Central Trusted Authority to oversee the operation with the necessary administrative and technology infrastructure is necessary.
Unique: The information contained in the Identifiers is unique.
Repository-based: Biometric Identification is usually supplemented by other demographic information such as name, address, etc. It can be based on a repository of identification information.
Atomic: The Unique Patient Identifier based on Biometrics can be considered as a single data item.
Concise: Biometric Identifiers are usually not concise. Digitized images will require large amount of storage.
Unambiguous: Other than an individual's photograph, the Biometric Identifier is not conducive to manual processing or recognition.
Permanent: The Unique Patient Identifier based on Biometrics is intended to be permanent. However, amputation, organ transplantation, etc. can directly affect the Biometric Identifier (i.e. Thumb Print, Retina Scan, DNA Analysis).
Centrally governed: The Unique Patient Identifier based on Biometrics requires both local issuing mechanism and a central administration.
Networked: The Biometric Identification System can be supported by computer networks.
Longevity: Biometric Identifiers do not use numbering system and can be used for a foreseeable future.
Retroactive: The Unique Patient Identifier based on Biometrics can be assigned retroactively to all existing individuals.
Universal: The Unique Patient Identifier based on Biometrics can be assigned to all living individuals for a foreseeable future.
Incremental Implementation: The Unique Patient Identifier based on Biometrics can be implemented incrementally.
Cost-effectiveness: Biometric Identification is generally considered expensive and cumbersome to use.
Currently operational: The Unique Patient Identifier based on Biometrics is not currently operational.
Existing infrastructure: Does not have existing administrative and technical infrastructures.
Readiness of the required technology: The necessary scanning and video technology, voice and DNA analysis technology are available.
Timeliness: Biometric Identification is generally considered cumbersome and time consuming to issue, maintain and use. It will require longer time period to implement than other options.
Adequacy of information to support identification functions: The identification data base and its contents have not yet been addressed.
There are several options available for a biometric identification such as finger print, retina scan, iris scan, voice, DNA analysis, etc. Scanned or video graphed images serve as the identifier. The actual choice or choices from these various methods for use in healthcare have not been made.
Biometric identifier will require identifying data elements such as name, data of birth, etc., to support healthcare functions. But a proposal addressing these identification information is non-existent.
An index that links the identifier and the identification information would be necessary. But a proposal addressing such an index is not in existence.
Encryption is not being proposed for this option.
Does not have the required technology infrastructure in place to support healthcare functions, nor does a proposal for its creation exist.
Does not have the required administrative infrastructure in place to support healthcare functions, nor does a proposal for its creation exist.
Biometrics identifiers are currently used for applications that require positive identification of individuals. They are quite suitable for low volume activities such as personal identification verification. But their use in high volume transactions processing such as record keeping, information management, report generation, manual and or electronic exchange of information, coordination of multi-disciplinary team work and sensitive and timely healthcare delivery functions have not been tried. The Unique Patient Identifier based on Biometrics does not meet several of the operational characteristics and the identifier components requirements. Its ability will depend on the development of a complete proposal and inclusion of missing components and operational requirements. It will be unable to meet the basic functions discussed below without them.
Delivery of care functions: The ability to support the manual and automated identification of an individual during the delivery of care processes will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Administrative functions: The ability to support the identification required by practitioners, provider organizations and secondary users for administrative functions will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Coordination of multi-disciplinary care processes: Multi-disciplinary functions and coordination of care processes including, ordering of procedures, medications, tests, etc., communication of results and consultations will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Organization of patient information and medical record keeping: Manual medical record keeping and automated collection, storage and retrieval of information during the course of active treatment will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Manual and automated linkage of lifelong health records: This ability will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Aggregation of health information for analysis and research: The aggregation of health information on the basis of groups of patients, regions, diseases, treatments, outcomes, etc. for research, planning and preventive measures will depend on the format and content of the identifier, its ease of use, the turn around time, implementation of the remaining identifier components and the ability to meet all of the operational requirements.
Support the protection of privacy, confidentiality & security
Access Security: The Access Security and the authentication procedures needed to access the patient care information are not addressed.
Content-free Identifier: The identifier contains the patient's physical identification characteristics.
Mask/Hide/Encrypt/Protect/Disidentify: Encryption is not addressed.
The method appears to lack the ability to support several basic functions. It is missing several operational characteristics and identifier components. The inclusion of missing characteristics, establishment of both the administrative and technology infrastructures, design and development of computer software, hardware, and communication networks, and implementation of security measures, etc. will require substantial investment of resources, time and effort.